Bug 170279 - dhclient(8) uses low TTL of 16
Summary: dhclient(8) uses low TTL of 16
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: bin
Version: Unspecified
Hardware: Any Any
: Normal Affects Only Me
Assignee: John Baldwin
Reported: 2012-07-30 16:20 UTC by johnpoz
Modified: 2014-06-04 15:23 UTC (History)
Description johnpoz 2012-07-30 16:20:09 UTC
dhclient uses by default a TTL of 16; depending on the ISP, this can prevent getting a DHCP lease from the DHCP server.

Helping a user troubleshoot a problem with FreeBSD-based pfSense, the user discovered that the TTL of DHCP traffic was at 16, vs. the OS default.

Info can be found in this thread:
http://forum.pfsense.org/index.php/topic,51803.0.html

Per packet.c in source, 
http://svnweb.freebsd.org/base/release/8.3.0/sbin/dhclient/packet.c?revision=234063&view=markup

p.ip_ttl = 16;

Verified this with tcpdump both on the FreeBSD machine and on a DHCP server in the local network. TTL on DHCP traffic shows 16.

10:09:51.512335 00:0c:29:9a:bc:8a (oui Unknown) > Broadcast, ethertype IPv4 (0x0800), length 342: (tos 0x10, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)

With the default dhclient, the user was not able to get DHCP from his ISP. Using a modified dhclient where packet.c p.ip_ttl was changed to 128, the user was able to get an IP from his ISP's DHCP server.

Fix: 

Changed

p.ip_ttl = 16;

To be
p.ip_ttl = 128;

Ran make, used this new modified dhclient, verified via tcpdump that client was now setting ttl to 128

This allowed dhclient to obtain ip address from dhcp server.

10:04:47.893610 00:0c:29:9a:bc:8a (oui Unknown) > Broadcast, ethertype IPv4 (0x0800), length 342: (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328)
How-To-Repeat: Request lease and check dhcp traffic for ttl.

10:09:51.512335 00:0c:29:9a:bc:8a (oui Unknown) > Broadcast, ethertype IPv4 (0x0800), length 342: (tos 0x10, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
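
The tcpdump check used in the description can also be done in code. The following C function is an added example, not taken from dhclient or from the original report; it returns the IPv4 TTL of a captured Ethernet frame when that frame is a DHCP client packet (UDP port 68 to port 67). The function names and the sample frame builder are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ETH_HDR_LEN 14
/* TTL of a DHCP client frame (IPv4, UDP 68 -> 67), or -1 if the frame is
 * truncated or is some other kind of packet. */
int dhcp_client_ttl(const uint8_t *f, size_t len)
{
	if (len < ETH_HDR_LEN + 20 || f[12] != 0x08 || f[13] != 0x00)
		return -1;			/* not IPv4 over Ethernet */
	const uint8_t *ip = f + ETH_HDR_LEN;
	size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
	if ((ip[0] >> 4) != 4 || ihl < 20 || len < ETH_HDR_LEN + ihl + 8)
		return -1;			/* bad header or no room for UDP */
	const uint8_t *udp = ip + ihl;
	if (ip[9] != 17 || udp[0] != 0 || udp[1] != 68 || udp[2] != 0 || udp[3] != 67)
		return -1;			/* not UDP from port 68 to port 67 */
	return ip[8];
}

/* Constructed sample input: minimal broadcast frame carrying the given TTL. */
size_t make_sample_frame(uint8_t *f, size_t cap, uint8_t ttl)
{
	size_t n = ETH_HDR_LEN + 20 + 8;
	if (cap < n) return 0;
	memset(f, 0, n);
	memset(f, 0xff, 6);			/* destination MAC: broadcast */
	f[12] = 0x08;				/* ethertype 0x0800 (IPv4) */
	uint8_t *ip = f + ETH_HDR_LEN;
	ip[0] = 0x45;				/* version 4, header length 20 */
	ip[8] = ttl;
	ip[9] = 17;				/* proto UDP */
	ip[21] = 68;				/* UDP source port */
	ip[23] = 67;				/* UDP destination port */
	return n;
}

int main(void)
{
	uint8_t f[64];
	const uint8_t ttls[] = { 16, 128 };	/* the two values from the report */
	for (size_t i = 0; i < sizeof ttls; i++) {
		size_t n = make_sample_frame(f, sizeof f, ttls[i]);
		printf("ttl %d\n", dhcp_client_ttl(f, n));
	}
	return 0;
}
```
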
Comment 1 Dutch Daemon freebsd_committer 2013-04-22 11:10:47 UTC
The below message was posted to the FreeBSD Forums -- please consider
expediting this PR and keep the author copied in:

- -------------------------------------------------------------------

Dear FreeBSD community,

Bug 170279 (default TTL of dhcp client is 16) is affecting all
customers of the main fiber provider in Norway (Altibox). Their DHCP
server is quite further than 16 hops away from the main population in
Norway (eastern part).

Using FreeBSD as a firewall is therefore not possible, unless you
change the code by hand and recompile yourself.

I would highly appreciate if the developers would prioritize fixing
this bug (http://www.freebsd.org/cgi/query-pr.cgi?pr=170279).

Kind regards, Med vennlig hilsen, Met vriendelijke groet,
Thomas Mathiesen
- -- 
LinSpes.no
Web: www.linspes.no - www.openerp.no - www.vtiger.no


- -------------------------------------------------------------------

(sorry if you get this twice, the first attempt bounced due to a
mailto: tag being included.)


Comment 2 Dutch Daemon freebsd_committer 2013-04-22 11:50:32 UTC
Cc addresses are not part of the Followup PR, so adding this to
include it explicitly.


Comment 3 John Baldwin freebsd_committer freebsd_triage 2013-04-22 15:04:22 UTC
FWIW, OpenBSD's version still fixes the TTL at 16.  The ISC dhcp client uses a 
ttl of 128.

Looking online it seems other clients also use 128, e.g. Microsoft's:

http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=6&cad=rja&ved=0CF8QFjAF&url=http%3A%2F%2Fsupport.microsoft.com%2Fkb%2F169289&ei=q0J1UfyvLcHD0QGr2YCoCA&usg=AFQjCNHVHJavHlqkEPoA4LIc16FOJPZy4w&bvm=bv.45512109,d.dmQ

Given that, changing the default TTL to 128 seems fine.

-- 
John Baldwin
Comment 4 dfilter service freebsd_committer 2013-04-22 16:02:40 UTC
Author: jhb
Date: Mon Apr 22 15:02:32 2013
New Revision: 249766
URL: http://svnweb.freebsd.org/changeset/base/249766

Log:
  Use a higher TTL (128) for DHCP packets.  This matches the ISC DHCP client.
  
  PR:		bin/170279
  MFC after:	1 week

Modified:
  head/sbin/dhclient/packet.c

Modified: head/sbin/dhclient/packet.c
==============================================================================
--- head/sbin/dhclient/packet.c	Mon Apr 22 13:02:41 2013	(r249765)
+++ head/sbin/dhclient/packet.c	Mon Apr 22 15:02:32 2013	(r249766)
@@ -128,7 +128,7 @@ assemble_udp_ip_header(unsigned char *bu
 	ip.ip_len = htons(sizeof(ip) + sizeof(udp) + len);
 	ip.ip_id = 0;
 	ip.ip_off = 0;
-	ip.ip_ttl = 16;
+	ip.ip_ttl = 128;
 	ip.ip_p = IPPROTO_UDP;
 	ip.ip_sum = 0;
 	ip.ip_src.s_addr = from;
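Review bot: The new value on the `ip.ip_ttl = 128;` line is a bare literal with no comment, so the reason for choosing it (the log says it matches the ISC DHCP client) is recorded only in the commit message. Consider a one-line comment beside the assignment, or a named constant (for example a hypothetical DHCP_DEFAULT_TTL define), so a later reader can see why 128 was picked and does not lower it again.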
Comment 5 John Baldwin freebsd_committer freebsd_triage 2013-04-22 16:03:48 UTC
State Changed
From-To: open->patched

Take this. 


Comment 6 John Baldwin freebsd_committer freebsd_triage 2013-04-22 16:03:48 UTC
Responsible Changed
From-To: freebsd-bugs->jhb

Take this.
Comment 7 John Baldwin freebsd_committer freebsd_triage 2014-06-04 15:23:43 UTC
Merged to 8 and 9 in 251708 and 251707, respectively.